October 2, 2016 Omer Ramić Tools & projects

One of the rapidly growing occupations and most sought in the world are certainly an IT security officers. There is currently a huge deficit of the system security experts.

IT security officer has to be a person with many abilities. These persons need to be very knowledgeable about functioning of both hardware and software systems. And a very skilled programmers. One of titles for such people is a pentester. Pentester prefer to work with web and mobile applications. They tend to find bugs or errors in systems that can be simple, as logical bugs to critical bugs.

This python script is made having this in mind. Script can check large number of pages (thousands) automatically on any web portal in short time period. Script will identify all potential login pages for user/admin.

Script is intended firstly for use by 'blackbox' pentesters, and all those who need to check security of login pages.

Let's say someone (for example malicious user) finds errors that enables him/her to get access data (passwords and usernames). Where will he/she enter these? Some custom made websites don't have obvious links to login pages (they are hidden). So they have to find them manually, or use this script and find them fast and easy.

Script has 2297 different links to test for you in it's search for login form. You can add some your own links as well by simply modifying file with these links.

Usage of script is very simple. Enter website URL (picture bellow).

For more details check video bellow.

Link for script: GitHub

Usage: lpf.py -u URL

Login page finder usage